feat: Check init tasks #478

This affects only the registration time. Subsequent boots don't check for cloud-init in any way. We check if there is a `cloud-init` command in PATH, and launch `cloud-init status --wait` right after registration is complete. This will wait until cloud-init completes what's doing or report error/disabled states. Cloud-init could have created Linux user accounts. Users could have been created in many other ways, even pre-created during image build. We expect the desired default user to be set via `/etc/wsl.conf`. That would work even without the distro launcher, so it's reasonable to assume the desired default to be present there. We "parse" that file and, if there is the default user entry, then we set it via WSL API (which is faster than terminanting and restarting the instance). When "parsing" /etc/wsl.conf (which is INI like syntax), we deliberately stop on the first occurence of the [section].key we're looking for. That matches the behavior observed in WSL itself. If we don't find a default user set, we check if the current default user is still root, in which case we look for any non-system user in the NSS passwd database (by launching getent), i.e. any user with UID between 1000 and 65534 (the nobody). Finally, we fallback to the interative user creation, i.e. the default upstream prompting. We do some effort to keep /etc/wsl.conf and the Windows registry (via WSL API) in sync, in the sense that whatever user we set as default via one means we also set in the other. I originally intended to put this implementation inside DistributionInfo.h/cpp to ensure less files being touched (thus less diff compared to upstream) but that doesn't play nice with CI 'Refresh releases and assets' workflow. So I placed the code in its own component, and inside a subdirectory, so if there comes a time we need to revert that change (it becomes obsolete or so) it remains easy to drop. Also, being inside a subdirectory allows me to drop a .clang-format in there without worrying of reformatting upstream code :) Lessons learned from the launcher old times: - We can put cpp files inside a subdirectory and still work with precompiled headers in Visual Studio if we either adjust the include path for every cpp file or adjust the path to the precompiled header for every cpp file (no winner :) )

And unnecessary assertion for empty stdout That's never the case.

For now that's all we need from the golden testutils we have everywhere else.

It assumed distroName to match the AppID Which is not the case. Ubuntu24.04LTS is the AppID for the distroName Ubuntu-24.04. Thus we need to check for Ubuntu-WX.YZ :) This is yet a bit tricky because nowadays we set the policy during image build, So a rootfs meant to build an LTS app (thus Prompt=never) could be recycled to build Ubuntu-Preview during tests and that would break the assertion. TODO: Verify if CI is happy with just this change.

To check whether a file exists in the distro filesystem.

s/testUserNotRoot/testWhetherUserIsRoot Parameterized :)

To allow reusing those test helpers inside testcases It pessimizes the existing TestBasicSetup a little bit But it's for a good reason.

Every testcase wipes out the WSL instance So not a lot can run in a reasonable way in CI Let's see how long those two will take. We use `<launcher.exe> install` to avoid the interactive shell in the end. If we append `--root` then the launcher should still wait for cloud-init but skip checking the creation of the default user. We check for the specific user set as default, different combinations of cloud-config may create users in different order and set or not in /etc/wsl.conf. This way we check if the launcher does the right thing even without /etc/wsl.conf and if it skips doing anything else when `install --root`.

We have more to do It's reasonable to assume it will take longer :)

Temporarily at least, as we don't have oracular images yet.

once we have backported everything and Ubuntu is transitionned to 24.04

Making sure to explain how we indirectly look for the registry.

With a caveat: that function can only read local files, i.e. in the Windows OS filesystem. No shared mounts. Thus we make an effort to copy the instance's /etc/wsl.conf to a private (best effort) temporary path, using OS primitives to guaratee automatic deletion. From that place, it's just a function call to read the key we are interested in. Let's trust the OS can deliver us a suitable temporary file under %TEMP%. In production that's more likely, as the %TEMP% dir is private to the app when FS virtualization is ON.

If the username is wrong, i.e. there is no matching UID in passwd ignore it and exit success. As a consequence we can totally remove writing into /etc/wsl.conf: 1. We won't fix any mistakes 2. If a default user is set from outside (WSL API/registry), it suffices to make such user the default, no need to keep both in sync. 3. If no default user is set, we do so via the WSL API, which unfolds into the reasoning above. And just to clarify, if both are set to different users, registry takes precedence over /etc/wsl.conf even after reboot.

When approaching cloud-init, run it unconditionally Added a not-so-beautiful trick to avoid printing /bin/bash: error 1: cloud-init command not found. Finally, if it doesn't exit 0, show the long status cloud-init status --long.

Relying only on the UID may be misleading So we wanted to check the login shell (the last field of the line) to determine whether an account is a system or real user. That required parsing the passwd more carefully Using istringstreams as before would incur in potentially lots of small memory allocations. Writing an iteration scheme by hand with string_views prevents most of the unnecessary allocations while offering an elegant, idiomatic iteration and parsing on-the-flight. Most of that code wouldn't be needed in C++20, std::ranges::split would do most of this job, but with C++17 we need to craft the iteration by hand.

For that we need GoWSL, so let's import it. This whole idea is very prone to races. Let's see how it behaves in CI.

We could break passwd in one way at a time, but I'm affraid of having tons of test cases making CI run for too long. So, as the system happily ignores broken lines, I'm all for breaking them in all the ways we want in the same tests and have few tests running with broken passwd.

CI was failing because bash.exe didn't know how to handle symlinks. Powershell knows by default, but the resulting script would be uglier. It turns out it's just an MSYS toggle to fix bash.exe.

Plus comments about the order we check for registry settnig errors.

Apparently quoting is necessary for globing with a single '*'

When trying to download a rootfs

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Check init tasks #478

feat: Check init tasks #478

Commits on Jul 10, 2024